Commit 3dcfa802 authored by Sergey Vojtovich's avatar Sergey Vojtovich

BUG#58205 - Valgrind failure in fn_format when called from

            archive_discover

Fixed buffer underrun in cleanup_dirname().

Also fixed that original (unencoded) database and table
names were used to discover archive tables.

mysql-test/r/archive.result:
  A test case for BUG#58205.
mysql-test/t/archive.test:
  A test case for BUG#58205.
mysys/mf_pack.c:
  Fixed buffer underrun in cleanup_dirname(), when
  it gets path like "a/../" (relative path, where
  first directory is to be cut off).
storage/archive/ha_archive.cc:
  Handler discover method gets database and table
  names as is. It must use build_table_filename()
  to get name similar to what it gets on create()
  and open().
parent c78e497b
...@@ -12801,3 +12801,9 @@ t1 CREATE TABLE `t1` ( ...@@ -12801,3 +12801,9 @@ t1 CREATE TABLE `t1` (
`a` int(11) DEFAULT NULL `a` int(11) DEFAULT NULL
) ENGINE=ARCHIVE DEFAULT CHARSET=latin1 ) ENGINE=ARCHIVE DEFAULT CHARSET=latin1
DROP TABLE t1; DROP TABLE t1;
#
# BUG#58205 - Valgrind failure in fn_format when called from
# archive_discover
#
CREATE TABLE `a/../`(a INT) ENGINE=ARCHIVE;
DROP TABLE `a/../`;
...@@ -1722,3 +1722,11 @@ INSERT INTO t1 VALUES (2); ...@@ -1722,3 +1722,11 @@ INSERT INTO t1 VALUES (2);
SELECT * FROM t1 ORDER BY a; SELECT * FROM t1 ORDER BY a;
SHOW CREATE TABLE t1; SHOW CREATE TABLE t1;
DROP TABLE t1; DROP TABLE t1;
--echo #
--echo # BUG#58205 - Valgrind failure in fn_format when called from
--echo # archive_discover
--echo #
CREATE TABLE `a/../`(a INT) ENGINE=ARCHIVE;
remove_file $MYSQLD_DATADIR/test/a@002f@002e@002e@002f.frm;
DROP TABLE `a/../`;
...@@ -192,7 +192,8 @@ size_t cleanup_dirname(register char *to, const char *from) ...@@ -192,7 +192,8 @@ size_t cleanup_dirname(register char *to, const char *from)
end_parentdir=pos; end_parentdir=pos;
while (pos >= start && *pos != FN_LIBCHAR) /* remove prev dir */ while (pos >= start && *pos != FN_LIBCHAR) /* remove prev dir */
pos--; pos--;
if (pos[1] == FN_HOMELIB || memcmp(pos,parent,length) == 0) if (pos[1] == FN_HOMELIB ||
(pos > start && memcmp(pos, parent, length) == 0))
{ /* Don't remove ~user/ */ { /* Don't remove ~user/ */
pos=strmov(end_parentdir+1,parent); pos=strmov(end_parentdir+1,parent);
*pos=FN_LIBCHAR; *pos=FN_LIBCHAR;
......
...@@ -20,6 +20,7 @@ ...@@ -20,6 +20,7 @@
#include "sql_priv.h" #include "sql_priv.h"
#include "probes_mysql.h" #include "probes_mysql.h"
#include "sql_class.h" // SSV #include "sql_class.h" // SSV
#include "sql_table.h"
#include <myisam.h> #include <myisam.h>
#include "ha_archive.h" #include "ha_archive.h"
...@@ -256,7 +257,7 @@ int archive_discover(handlerton *hton, THD* thd, const char *db, ...@@ -256,7 +257,7 @@ int archive_discover(handlerton *hton, THD* thd, const char *db,
char *frm_ptr; char *frm_ptr;
MY_STAT file_stat; MY_STAT file_stat;
fn_format(az_file, name, db, ARZ, MY_REPLACE_EXT | MY_UNPACK_FILENAME); build_table_filename(az_file, sizeof(az_file) - 1, db, name, ARZ, 0);
if (!(my_stat(az_file, &file_stat, MYF(0)))) if (!(my_stat(az_file, &file_stat, MYF(0))))
goto err; goto err;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment